Getting the Right Firewall Protection for Your Data Centre

The explosive growth in data creation and data storage is set to continue, with Asia Pacific’s data center market increasing significantly and even surpassing the European market by 2021, according to Cushman & Wakefield. The surge in data consumption in the region is currently driving the increase, and mobile data usage has increased in Asia…

Vulnerability Notification: Mining Trojans

[Overview] With the rise of virtual currency, a new type of attack – mining Trojans quietly prevailed. Different from the ransomware encrypting user key data and virus Trojan destructing business system, the mining Trojan has no obvious attack characteristics, making it difficult for users to detect. According to statistics, mining Trojans have become one of…

Announcing the Hillstone CloudView 2.5

To drive compliance, ease of use and to mitigate threats real time, we are releasing a new version of Hillstone CloudView. In CloudView v2.5, to streamline and ensure compliance with GDPR regulations in Europe, Hillstone has added a data center in Europe, in addition to its existing data centers in APAC and North America. The…

Vulnerability Notification: Jenkins CI Server getOrCreate Policy Bypass

[Overview] Jenkins is an open source, continuous integration and delivery application based on Java development that runs in a Servlet container. Jenkins allows developers to automate the build process using Apache Ant, Apache Maven, and Shell scripts, allowing developers to focus more on business implementation. [Vulnerability Details] CVE-2018-1999001: The vulnerability is caused by the getOrCreate()…

Vulnerability Notification: Oracle WebLogic Server Activator Insecure Deserialization

[Overview] WebLogic Server is a Java application server platform for developing, integrating, deploying, and managing large distributed Web applications and database applications. Recently, Oracle released an update patch to fix the WebLogic Server deserialization vulnerability. [Vulnerability Details] CVE-2018-2893: The vulnerability is caused by deserializing suspicious data in a T3 protocol request. An unauthorized attacker could…